Appl. No. 09/608,986 

Amdt. dated November 2, 2005 

Reply to Office Action of August 25, 2005 

REMARKS/ARGUMENTS 

Claims 8-27 are pending in the present application. In the Office Action mailed August 25, 
2005, the Examiner withdrew claims 14-15 pursuant to a restriction requirement. The Examiner also 
rejected claims 8-13 and 16-27 under 35 U.S.C. § 103(a). 

Based on the telephonic interview of October 26, 2005, referenced below in Section I, this 
Supplemental Amendment and Response is being filed. This Supplemental Amendment and 
Response replaces and supersedes the prior Amendment and Response filed on September 28, 2005. 

Reconsideration is respectfully requested in view of the above amendments to the claims and 
the following remarks. 

I. Statement of the Substance of the Interview 

As required by M.P.E.P. § 7 1 3 .04, Applicant hereby files a Statement of the Substance of the 
Literview. Applicant thank the Examiner for the consideration given during the telephonic interview 
of October 26, 2005. hi that interview, the attorney of record and the Examiner discussed the 
amendments that are made by this paper. 

II. Restriction Requirement 

Li the Office Action, the Examiner imposed an election/restriction requirement in the present 
case on grounds that "claims 14-15 are directed to an invention that is independent or distinct from 
the invention originally claimed." Office Action, p. 2. The Office Action further noted that the 
remaining claims — /.e, claims 8-13 and 16-27 — have been "constructively elected by original 
presentation for prosecution on the merits." Id. at p. 3. By this paper, Applicants respectfully affirm 
their election to have claims 8-13 and 16-27 {i.e., the claims indicated as "Group 11") prosecuted in 
the present case. As such, claims 14 and 15 have been formally withdrawn by the present paper. 



Page 9 of 14 



AppL No. 09/608,986 

Amdt. dated November 2, 2005 

Reply to Office Action of August 25, 2005 

III. Reiection of Claims 8. 12. 16-17, 24. 26-27 Under 35 U.S.C. S 103(a) 

The Examiner rejected claims 8-12, 16-22 and 24-27 under 35 U.S.C. § 103(a) based on U.S. 
Patent No. 5,657,390 to Elgamal et al (hereinafter "Elgamal") in view of U.S. Patent No. 6,816,900 
issued to Vogel et al (hereinafter "Vogel") and in further view of the article by Samar entitled 
"Single Sign-On Using Cookies for Web Applications" (hereinafter "Samar"). This rejection is 
respectfiilly traversed. 

The M.P.E.P. states that 

To establish a prima facie case of obviousness, three basic criteria must 
be met. First, there must be some suggestion or motivation, either in the 
references themselves or in the knowledge generally available to one of 
ordinary skill in the art, to modify the reference or to combine reference 
teachings. Second, there must be a reasonable expectation of success. Finally, 
the prior art reference (or references when combined) must teach or suggest 
all the claim limitations. The teaching or suggestion to make the claimed 
combination and the reasonable expectation of success must both be found in 
the prior art, and not based on applicanf s disclosure. 

The initial burden is on the examiner to provide some suggestion of the 
desirability of doing what the inventor has done. To support the conclusion 
that the claimed invention is directed to obvious subject matter, either the 
references must expressly or impliedly suggest the claimed invention or the 
examiner must present a convincing line of reasoning as to why the artisan 
would have found the claimed invention to have been obvious in light of the 
teachings of the references. 

M.P.E.P. §2142. 

Applicants respectfully assert that the present claims are patentably distinct from the cited 
references. Specifically, the cited references do not teach or suggest all of the limitation that are 
required by the present claims. For example independent claims 8 and 16 each recite a method "for 
providing a single sign-on authentication and privacy" which includes the step of "verifying the 
submitted certificate with a trusted certificate, wherein the verifying step is performed by a security 
extension in a server and operates to verify a certificate sent from a cHent to the server." Likewise, 
independent claims 24 and 26 are claims for an apparatus "comprising a computer-readable storage 
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medium having executable instructions that enable the computer to," among other things, "verify the 
submitted certificate with a trusted certificate, wherein such verifying is performed by a security 
extension in a server and operates to verify a certificate sent from a client to the server." Support for 
these limitations are found throughout Applicants' specification including, for example, page 8, lines 
3-18. 

Such limitations are not taught or suggested by the combined teachings of Elgamal, Vogel, or 

Samar. As noted by the Office Action, the reference which allegedly teaches the step of "verifying 

the submitted certificate with a trusted certificate" is Vogel. Specifically, the Examiner asserts that 

Elgamal lacks disclosure of implementation-specific verification of 
the submitted certificate. However, Vogel teaches that in an SSL 
session, a certificate is verified using a root certificate/trusted 
certificate to prove that the server is approved for secure connections 
(col. 1, lines 30-40). 

Office Action, p. 4. To the extent that the Examiner is correct in asserting that Vogel teaches the 

limitation of "verifying the submitted certificate with a trusted certificate," Vogel clearly does not 

teach a system in which the "verifying step is performed by a security extension in a server and 

operates to verify a certificate sent from a client to the server," as is required by the present claims. 

On the contrary, Vogel teaches a system in which the "verification" occurs at the client computer and 

that such verification is performed on a certificate that has been sent from the server to the client. 

See Vogel, Col., 1, lines 30-40. fri fact, this passage of Vogel explicitly teaches: 

The SSL protocol uses a public key infrastructure to maintain 
security. In establishing an SSL connection between a client computer 
and a server computer hosting a web page, the server computer 
transmits a certificate to the client computer for verification. If a 
trusted certifying authority has approved the server computer (or web 
page) for secure connections, then a root certificate that is maintained 
at the client and issued by a root certifying authority (CA) will verify 
the certificate received from the server. 

Vogel, Col. 1, lines 30-40 (emphasis added). 
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Accordingly because Vogel and the other cited references fails to teach the limitation that the 
"verifying" "is performed by a security extension in a server and operates to verify a certificate sent 
from a client to the server," these references clearly does not teach or suggest all of the limitations 
found in independent claims 8, 16, 24, and 26. Accordingly, these references cannot be used to 
reject these independent claims under 35 U.S.C. § 103(a). Withdrawal of these rejections is 
respectfully requested. 

Claims 9-13 depend either directly or indirectly from independent claim 1. Claims 17-23 
depend either directly or indirectly from claim 26. Claim 25 depends directly from claim 24, Claim 
27 depends directly from claim 26. Accordingly, Applicants respectfully request that the rejection of 
claims 9-13, 17-23, 25 and 27 be. withdrav^n for at least the same reasons as those presented above in 
connection with claims 8, 16, 24, and 26. 

IV. Rejection of Claim 13 Under 35 U.S.C. $ 103(a) 

The Examiner rejected claim 13 under 35 U.S.C. § 103(a) based on Elgamal in view of Vogel 
and Samar and in further view of Applied Cryptography, Second Edition by Schneier (hereinafter 
"Schneier"). This rejection is respectfully traversed. 

As noted above, a claim cannot be rejected as being prima facie obvious unless all of the 
claim limitations are taught or suggested by the prior art references. See MPEP § 2143.03. In the 
present case, claim 13 depends from independent claim 1 . Accordingly, like independent claim 1, 
claim 1 3 contains the limitation that the "verifying step" "is performed by a security extension in a 
server and operates to verify a certificate sent from a client to the server." As explained in greater 
detail above, this limitation is not taught by Vogel, Elgamal or Samar. Likewise, Applicants can find 
no disclosure in Schneier that relates to this claim limitation. 

Accordingly, this combination of references does not teach or suggest all of the limitations 
found in claim 13 and this claim cannot be rejected as being obvious under 35 U.S.C. § 103(a). 
Withdrawal of this rejection is respectfully requested. 
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V. Rejection of Claim 23 Under 35 U.S.C. S 103(a) 

The Examiner rejected claim 23 under 35 U.S.C. § 103(a) based on Elgamal in view of Vogel 
and Samar and in further view of Handbook of Applied Cryptography by Menezes et al (hereinafter 
"Menezes"). This rejection is respectfully traversed. 

As noted above, a claim cannot be rejected as being prima facie obvious unless all of the 
claim limitations are taught or suggested by the prior art references. See MPEP § 2143.03. hi the 
present case, claim 23 depends from independent claim 16. Accordingly, like independent claim 16, 
claim 13 contains the limitation that the "verifying step" "is performed by a security extension in a 
server and operates to verify a certificate sent from a client to the server." As explained in greater 
detail above, this limitation is not taught by Vogel, Elgamal or Samar. Likewise, AppUcants can find 
no disclosure in Menezes that relates to this claim limitation. 

Accordingly, this combination of references does not teach or suggest all of the limitations 
found in claim 23 and this claim cannot be rejected as being obvious under 35 U.S.C. § 103(a). 
Withdrawal of this rejection is respectfully requested. 
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VL Conclusion 

Applicants respectfully assert that all pending claims are patentably distinct from the cited 
references, and request that a timely Notice of Allowance be issued in this case. If there are any 
remaining issues preventing allowance of the pending claims that maybe clarified by telephone, the 
Examiner is requested to call the undersigned. 



Date: November 2, 2005 

MADSON & METCALF 
Gateway Tower West 
15 West South Temple, Suite 900 
Salt Lake City, Utah 84101 
Telephone: 801/537-1700 



Respectfully submitted, 




Wesley I/Austm / 
Reg. No. 42,273 
Attorney for Applicant 
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